GuardDuty Filter

GuardDuty Filter in AWS is a resource that lets you define and manage filtering criteria for findings generated by Amazon GuardDuty. Filters allow you to narrow down security findings based on attributes such as severity, type, or resource details, making it easier to focus on the most relevant threats.

aws.guardduty_filter

Fields

TitleIDTypeData TypeDescription
_keycorestring
account_idcorestring
actioncorestringSpecifies the action that is to be applied to the findings that match the filter.
descriptioncorestringThe description of the filter.
finding_criteriacorejsonRepresents the criteria to be used in the filter for querying findings.
namecorestringThe name of the filter.
rankcoreint64Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.
tagscorehstore